Charlie Miller (security researcher)
   HOME

TheInfoList



OR:

Charles Alfred Miller is an American
computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...
researcher with
Cruise Automation Cruise LLC is an American self-driving car company headquartered in San Francisco, California. Founded in 2013 by Kyle Vogt and Dan Kan, Cruise tests and develops autonomous car technology. The company is a largely-autonomous subsidiary of G ...
. Prior to his current employment, he spent five years working for the
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...
and has worked for
Uber Uber Technologies, Inc. (Uber), based in San Francisco, provides mobility as a service, ride-hailing (allowing users to book a car and driver to transport them in a way similar to a taxi), food delivery (Uber Eats and Postmates), package ...
.


Education

Miller holds a bachelor's degree in
mathematics Mathematics is an area of knowledge that includes the topics of numbers, formulas and related structures, shapes and the spaces in which they are contained, and quantities and their changes. These topics are represented in modern mathematics ...
with a minor in
philosophy Philosophy (from , ) is the systematized study of general and fundamental questions, such as those about existence, reason, knowledge, values, mind, and language. Such questions are often posed as problems to be studied or resolved. Some ...
from the then called Northeast Missouri State, and a Ph.D. in mathematics from the
University of Notre Dame The University of Notre Dame du Lac, known simply as Notre Dame ( ) or ND, is a private Catholic research university in Notre Dame, Indiana, outside the city of South Bend. French priest Edward Sorin founded the school in 1842. The main campu ...
in 2000. He lives in
Wildwood, Missouri Wildwood is a city in St. Louis County, Missouri, United States. It is located in the far western portion of the county. As of the 2020 census, the population was 35,417. Wildwood is the home of the Al Foster Trail, and numerous other trails, p ...
.


Security research

Miller was a lead analyst at Independent Security Evaluators, a computer protection consultancy. He has publicly demonstrated many security exploits of
Apple An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...
products. In 2008, he won a $10,000 cash prize at the hacker conference
Pwn2Own Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference. First held in April 2007 in Vancouver, the contest is now held twice a year, most recently in April 2021. Contestants are challenged to exploit widely us ...
in
Vancouver, British Columbia Vancouver ( ) is a major city in western Canada, located in the Lower Mainland region of British Columbia. As the List of cities in British Columbia, most populous city in the province, the 2021 Canadian census recorded 662,248 people in the ...
, Canada for being the first to find a critical bug in the
MacBook Air The MacBook Air is a line of ultrabook computers developed and manufactured by Apple Inc. It consists of a full-size keyboard, a machined aluminum case, and, in the more modern versions, a thin light structure. The Air was originally positioned ...
. In 2009, he won $5,000 for cracking Apple's
Safari A safari (; ) is an overland journey to observe wild animals, especially in eastern or southern Africa. The so-called "Big Five" game animals of Africa – lion, leopard, rhinoceros, elephant, and Cape buffalo – particularly form an importa ...
browser. Also in 2009, he and Collin Mulliner demonstrated an
SMS Short Message/Messaging Service, commonly abbreviated as SMS, is a text messaging service component of most telephone, Internet and mobile device systems. It uses standardized communication protocols that let mobile devices exchange short text ...
processing vulnerability that allowed for complete compromise of the Apple iPhone and
denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connect ...
s on other phones. In 2011, he found a security hole in the iPhone and iPad, whereby an application can contact a remote computer to download new unapproved software that can execute any command that could steal personal data or otherwise using
iOS iOS (formerly iPhone OS) is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. It is the operating system that powers many of the company's mobile devices, including the iPhone; the term also includes ...
applications functions for malicious purposes. As a proof of concept, Miller created an application called ''Instastock'' that was approved by Apple's
App Store An App Store (or app marketplace) is a type of digital distribution platform for computer software called applications, often in a mobile context. Apps provide a specific set of functions which, by definition, do not include the running of the co ...
. He then informed Apple about the security hole, who promptly expelled him from the App Store. Miller participated in research on discovering security vulnerabilities in NFC (
Near Field Communication Near-field communication (NFC) is a set of communication protocols that enables communication between two electronic devices over a distance of 4 cm (1 in) or less. NFC offers a low-speed connection through a simple setup that can be u ...
). Miller, along with
Chris Valasek Chris Valasek is a computer security researcher with Cruise Automation, a self-driving car startup owned by GM, and best known for his work in automotive security research. Prior to his current employment, he worked for IOActive, Coverity, Accuva ...
, is known for remotely hacking a 2014
Jeep Cherokee The Jeep Cherokee is a line of SUVs manufactured and marketed by Jeep over five generations. Originally marketed as a variant of the Jeep Wagoneer, the Cherokee has evolved from a full-size SUV to one of the first compact SUVs and into its curr ...
and controlling the
braking A brake is a mechanical device that inhibits motion by absorbing energy from a moving system. It is used for slowing or stopping a moving vehicle, wheel, axle, or to prevent its motion, most often accomplished by means of friction. Background ...
,
steering Steering is a system of components, linkages, and other parts that allows a driver to control the direction of the vehicle. Introduction The most conventional steering arrangement allows a driver to turn the front wheels of a vehicle using ...
, and
acceleration In mechanics, acceleration is the rate of change of the velocity of an object with respect to time. Accelerations are vector quantities (in that they have magnitude and direction). The orientation of an object's acceleration is given by the ...
of the vehicle.


Publications

* iOS Hacker Handbook * The Mac Hacker's Handbook * Fuzzing for Software Security Testing and Quality Assurance *Battery firmware hacking: inside the innards of a smart battery


References


External links

* * * * * * {{DEFAULTSORT:Miller, Charlie Living people University of Notre Dame alumni Computer security specialists Year of birth missing (living people)